org.bouncycastle.tls.crypto.impl

Class TlsBlockCipher

java.lang.Object

org.bouncycastle.tls.crypto.impl.TlsBlockCipher

All Implemented Interfaces:

TlsCipher

public class TlsBlockCipher
extends java.lang.Object
implements TlsCipher

A generic TLS 1.0-1.2 block cipher. This can be used for AES or 3DES for example.

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	acceptExtraPadding
protected TlsCryptoParameters	cryptoParams
protected TlsBlockCipherImpl	decryptCipher
protected TlsBlockCipherImpl	encryptCipher
protected boolean	encryptThenMAC
protected byte[]	randomData
protected TlsSuiteMac	readMac
protected boolean	useExplicitIV
protected boolean	useExtraPadding
protected TlsSuiteMac	writeMac

Constructor Summary

Constructors

Constructor and Description
TlsBlockCipher(TlsCryptoParameters cryptoParams, TlsBlockCipherImpl encryptCipher, TlsBlockCipherImpl decryptCipher, TlsHMAC clientMac, TlsHMAC serverMac, int cipherKeySize)

Method Summary

Modifier and Type	Method and Description
protected int	checkPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize)
protected int	chooseExtraPadBlocks(int max)
TlsDecodeResult	decodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, byte[] ciphertext, int offset, int len) Decode the passed in ciphertext using the current bulk cipher.
TlsEncodeResult	encodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, int headerAllocation, byte[] plaintext, int offset, int len) Encode the passed in plaintext using the current bulk cipher.
int	getCiphertextDecodeLimit(int plaintextLimit) Return the maximum input size for a ciphertext given a maximum output size for the plaintext of plaintextLimit bytes.
int	getCiphertextEncodeLimit(int plaintextLength, int plaintextLimit) Return the maximum output size for a ciphertext given an actual input plaintext size of plaintextLength bytes and a maximum input plaintext size of plaintextLimit bytes.
protected int	getCiphertextLength(int blockSize, int macSize, int maxPadding, int plaintextLength)
int	getPlaintextLimit(int ciphertextLimit) Return the maximum size for the plaintext given ciphertextlimit bytes of ciphertext.
protected int	lowestBitSet(int x)
void	rekeyDecoder()
void	rekeyEncoder()
boolean	usesOpaqueRecordType()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

cryptoParams

protected final TlsCryptoParameters cryptoParams

randomData

protected final byte[] randomData

encryptThenMAC

protected final boolean encryptThenMAC

useExplicitIV

protected final boolean useExplicitIV

acceptExtraPadding

protected final boolean acceptExtraPadding

useExtraPadding

protected final boolean useExtraPadding

decryptCipher

protected final TlsBlockCipherImpl decryptCipher

encryptCipher

protected final TlsBlockCipherImpl encryptCipher

readMac

protected final TlsSuiteMac readMac

writeMac

protected final TlsSuiteMac writeMac

Constructor Detail

TlsBlockCipher

public TlsBlockCipher(TlsCryptoParameters cryptoParams,
                      TlsBlockCipherImpl encryptCipher,
                      TlsBlockCipherImpl decryptCipher,
                      TlsHMAC clientMac,
                      TlsHMAC serverMac,
                      int cipherKeySize)
               throws java.io.IOException

Throws:

java.io.IOException

Method Detail

getCiphertextDecodeLimit

public int getCiphertextDecodeLimit(int plaintextLimit)

Description copied from interface: TlsCipher

Return the maximum input size for a ciphertext given a maximum output size for the plaintext of plaintextLimit bytes.

Specified by:

getCiphertextDecodeLimit in interface TlsCipher

Parameters:

plaintextLimit - the maximum output size for the plaintext.

Returns:

the maximum input size of the ciphertext for plaintextlimit bytes of output.

getCiphertextEncodeLimit

public int getCiphertextEncodeLimit(int plaintextLength,
                                    int plaintextLimit)

Description copied from interface: TlsCipher

Return the maximum output size for a ciphertext given an actual input plaintext size of plaintextLength bytes and a maximum input plaintext size of plaintextLimit bytes.

Specified by:

getCiphertextEncodeLimit in interface TlsCipher

Parameters:

plaintextLength - the actual input size for the plaintext.

plaintextLimit - the maximum input size for the plaintext.

Returns:

the maximum output size of the ciphertext for plaintextlimit bytes of input.

getPlaintextLimit

public int getPlaintextLimit(int ciphertextLimit)

Description copied from interface: TlsCipher

Return the maximum size for the plaintext given ciphertextlimit bytes of ciphertext.

Specified by:

getPlaintextLimit in interface TlsCipher

Parameters:

ciphertextLimit - the maximum number of bytes of ciphertext.

Returns:

the maximum size of the plaintext for ciphertextlimit bytes of input.

encodePlaintext

public TlsEncodeResult encodePlaintext(long seqNo,
                                       short contentType,
                                       ProtocolVersion recordVersion,
                                       int headerAllocation,
                                       byte[] plaintext,
                                       int offset,
                                       int len)
                                throws java.io.IOException

Description copied from interface: TlsCipher

Encode the passed in plaintext using the current bulk cipher.

Specified by:

encodePlaintext in interface TlsCipher

Parameters:

seqNo - sequence number of the message represented by plaintext.

contentType - content type of the message represented by plaintext.

recordVersion - ProtocolVersion used for the record.

headerAllocation - extra bytes to allocate at start of returned byte array.

plaintext - array holding input plaintext to the cipher.

offset - offset into input array the plaintext starts at.

len - length of the plaintext in the array.

Returns:

A TlsEncodeResult containing the result of encoding (after 'headerAllocation' unused bytes).

Throws:

java.io.IOException

decodeCiphertext

public TlsDecodeResult decodeCiphertext(long seqNo,
                                        short recordType,
                                        ProtocolVersion recordVersion,
                                        byte[] ciphertext,
                                        int offset,
                                        int len)
                                 throws java.io.IOException

Description copied from interface: TlsCipher

Decode the passed in ciphertext using the current bulk cipher.

Specified by:

decodeCiphertext in interface TlsCipher

Parameters:

seqNo - sequence number of the message represented by ciphertext.

recordType - content type used in the record for this message.

recordVersion - ProtocolVersion used for the record.

ciphertext - array holding input ciphertext to the cipher.

offset - offset into input array the ciphertext starts at.

len - length of the ciphertext in the array.

Returns:

A TlsDecodeResult containing the result of decoding.

Throws:

java.io.IOException

rekeyDecoder

public void rekeyDecoder()
                  throws java.io.IOException

Specified by:

rekeyDecoder in interface TlsCipher

Throws:

java.io.IOException

rekeyEncoder

public void rekeyEncoder()
                  throws java.io.IOException

Specified by:

rekeyEncoder in interface TlsCipher

Throws:

java.io.IOException

usesOpaqueRecordType

public boolean usesOpaqueRecordType()

Specified by:

usesOpaqueRecordType in interface TlsCipher

checkPaddingConstantTime

protected int checkPaddingConstantTime(byte[] buf,
                                       int off,
                                       int len,
                                       int blockSize,
                                       int macSize)

chooseExtraPadBlocks

protected int chooseExtraPadBlocks(int max)

getCiphertextLength

protected int getCiphertextLength(int blockSize,
                                  int macSize,
                                  int maxPadding,
                                  int plaintextLength)

lowestBitSet

protected int lowestBitSet(int x)